Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...
CoinDesk

Aave overhauls listing standards after $230 million rsETH exploit exposed bridge risks

An official postmortem traced the exploit to a LayerZero bridge verification failure and outlined a sweeping overhaul of Aave ...
GitHub

Proof of concept of CVE-2026-8161 (Multiparty)

multiparty@4.2.3 and earlier are vulnerable to denial of service through an uncaught exception. The parser stores uploaded fields and files in plain JavaScript objects and does not safely distinguish ...